package com.zjtx.blog.utils;

import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;

public interface SecurityConstants {
    // Redis键前缀
    String IP_REQUEST_COUNT_PREFIX = "security:ip:request:count:";
    String IP_BLACKLIST_PREFIX = "security:ip:blacklist:";
    String MALICIOUS_UA_PREFIX = "security:ua:malicious:";
    String IP_LOCALHOST_REGEX = "^(127\\.0\\.0\\.1|localhost|0:0:0:0:0:0:0:1|::1)$";

    int SC_TOO_MANY_REQUESTS = 429;

    // 恶意User-Agent列表
    Set<String> MALICIOUS_USER_AGENTS = new HashSet<>(Arrays.asList(
            "MJ12bot", "360Spider", "curl", "Hello, World",
            "Palo Alto Networks", "Gh0st", "sqlmap", "nikto",
            "nessus", "burp", "zaproxy", "nmap", "masscan",
            "gobuster", "dirb", "dirbuster", "wfuzz", "hydra",
            "python-requests", "scrapy", "wget", "curl", "java", "okhttp",
            "apache-httpclient", "axios", "got", "node-fetch"
    ));

    // 常见的攻击模式关键词
    Set<String> ATTACK_PATTERNS = new HashSet<>(Arrays.asList(
            "union select", "select @@version", "and 1=1", "or 1=1",
            "exec(", "xp_cmdshell", "sp_", "information_schema",
            "<script", "javascript:", "onerror=", "onload=",
            "../", "..\\", "%2e%2e", "%2f", "%5c",
            "eval(", "base64_", "system(", "exec("
    ));

    // 恶意路径模式 - 扩展版
    List<Pattern> MALICIOUS_PATHS = Arrays.asList(
            // 常见的爬虫和扫描路径
            Pattern.compile(".*/GponForm/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/boaform/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/cgi-bin/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/\\.env.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/\\.git.*", Pattern.CASE_INSENSITIVE),

            // 敏感配置文件
            Pattern.compile(".*/configuration/.*\\.\\w*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/settings/.*\\.\\w*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*\\.(?:properties|yml|yaml|xml|conf|cfg|ini)$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/web\\.xml$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/applicationContext\\.xml$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/log4j\\.\\w*$", Pattern.CASE_INSENSITIVE),

            // 数据库相关文件
            Pattern.compile(".*\\.(?:sql|db|dump|bak|backup|old)$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/database/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/db/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/mysql/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/sql/.*", Pattern.CASE_INSENSITIVE),

            // 版本控制和开发文件
            Pattern.compile(".*/\\.svn/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/\\.hg/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/\\.bzr/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/\\.DS_Store$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/\\.htaccess$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/\\.htpasswd$", Pattern.CASE_INSENSITIVE),

            // 日志和临时文件
            Pattern.compile(".*\\.(?:log|tmp|temp|cache)$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/logs?/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/tmp/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/temp/.*", Pattern.CASE_INSENSITIVE),

            // 管理和调试接口
            Pattern.compile(".*/admin/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/manager/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/manage/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/debug/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/test/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/dev/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/setup/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/install/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/backup/.*", Pattern.CASE_INSENSITIVE),

            // 常见的Web应用漏洞扫描路径
            Pattern.compile(".*/phpmyadmin/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/pma/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/mysql/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/sqladmin/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/webdav/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/webshell/.*", Pattern.CASE_INSENSITIVE),

            // 常见CMS和框架的敏感路径
            Pattern.compile(".*/wp-admin/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/wp-login\\.php$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/jmx-console/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/web-console/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/axis2/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/webservice/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/struts/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/spring/.*", Pattern.CASE_INSENSITIVE),

            // 序列化和反序列化攻击路径
            Pattern.compile(".*\\.(?:ser|serialized)$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/deserialize/.*", Pattern.CASE_INSENSITIVE),

            // 命令执行和远程代码执行测试路径
            Pattern.compile(".*/cmd/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/exec/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/shell/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/system/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/process/.*", Pattern.CASE_INSENSITIVE),

            // XSS和注入测试路径
            Pattern.compile(".*/xss/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/inject/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/sqlinjection/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/sqli/.*", Pattern.CASE_INSENSITIVE),

            // 常见的目录遍历测试路径
            Pattern.compile(".*/\\.{2,}/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/%2e%2e/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/\\.\\./.*", Pattern.CASE_INSENSITIVE),

            // 特定漏洞利用路径
            Pattern.compile(".*/actuator/.*", Pattern.CASE_INSENSITIVE), // Spring Boot Actuator
            Pattern.compile(".*/druid/.*", Pattern.CASE_INSENSITIVE),     // Alibaba Druid
            Pattern.compile(".*/swagger/.*", Pattern.CASE_INSENSITIVE),   // Swagger API
            Pattern.compile(".*/api-docs/.*", Pattern.CASE_INSENSITIVE),  // API文档
            Pattern.compile(".*/hystrix/.*", Pattern.CASE_INSENSITIVE),   // Hystrix监控
            Pattern.compile(".*/heapdump$", Pattern.CASE_INSENSITIVE),    // 堆转储文件
            Pattern.compile(".*/threaddump$", Pattern.CASE_INSENSITIVE),  // 线程转储文件
            Pattern.compile(".*/logfile$", Pattern.CASE_INSENSITIVE),     // 日志文件
            Pattern.compile(".*/loggers/.*", Pattern.CASE_INSENSITIVE),   // 日志配置
            Pattern.compile(".*/env$", Pattern.CASE_INSENSITIVE),         // 环境变量
            Pattern.compile(".*/configprops$", Pattern.CASE_INSENSITIVE), // 配置属性
            Pattern.compile(".*/trace$", Pattern.CASE_INSENSITIVE),       // 请求追踪
            Pattern.compile(".*/mappings$", Pattern.CASE_INSENSITIVE),    // URL映射
            Pattern.compile(".*/metrics/.*", Pattern.CASE_INSENSITIVE),   // 度量信息
            Pattern.compile(".*/health$", Pattern.CASE_INSENSITIVE),      // 健康检查

            // 常见的WebShell路径
            Pattern.compile(".*\\.(?:jsp|asp|aspx|php|do|action)$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/shell\\.(?:jsp|asp|aspx|php)$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/cmd\\.(?:jsp|asp|aspx|php)$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/backdoor\\.(?:jsp|asp|aspx|php)$", Pattern.CASE_INSENSITIVE),

            // 常见的扫描器特征路径
            Pattern.compile(".*/w00tw00t\\.at\\.blackhats\\.rocks/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/HNAP1/$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/sdk$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/muieblackcat$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/server-status$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/server-info$", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/status$", Pattern.CASE_INSENSITIVE),

            // 物联网设备常见漏洞路径
            Pattern.compile(".*/HNAP1/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/setup/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/diagnostic/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/tools/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/command/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/ping/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/telnet/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/ssh/.*", Pattern.CASE_INSENSITIVE),

            // 常见的模糊测试路径
            Pattern.compile(".*/fuzz/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/fuzzer/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/burp/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/zaproxy/.*", Pattern.CASE_INSENSITIVE),

            // 常见的API测试路径
            Pattern.compile(".*/api/v[0-9]+/admin/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/api/internal/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/internal/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/private/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/secret/.*", Pattern.CASE_INSENSITIVE),

            // 常见的后门路径
            Pattern.compile(".*/backdoor/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/godmode/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/hidden/.*", Pattern.CASE_INSENSITIVE),
            Pattern.compile(".*/undocumented/.*", Pattern.CASE_INSENSITIVE)
    );
}
